<?php
  echo "<html><body>";
//  echo "test";
  include "config.php";
  session_start();
  switch (@$_GET['action']) {
  case "login":
    $query = "SELECT * FROM $loginTable WHERE username='$_POST[user]' AND password='$_POST[password]';";
    $result = mysql_query($query) or die (mysql_error());
    if ($data = mysql_fetch_array($result)) {
      $_SESSION['user'] = $data['uid'];
      $_SESSION['username'] = $data['username'];
    } else {
      echo "Login Failed";
    }
    break;
  case "logout":
    session_destroy();
    break;
  
  }
  
  if (isset($_SESSION['user'])) {
    echo "user is set";
  //go back home.
  } else {
      echo "Login to view your news!<br><form method = 'post' action = 'admin.php?action=login'><a name = 'login'>
    Login</a><br>
    Username: <br><input value = '' name = 'user' type = 'text'><br>
    Password: <br><input value = '' name = 'password' type = 'password'><br>
    <input type = 'submit' name = 'Login' value = 'Login'> <a href = 'index.php?action=register'>Register</a>
    </form>";	
  }


  echo "</body></html>";
?>